Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0
References
Link | Resource |
---|---|
https://kb.isc.org/docs/aa-01565 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2019-10-09 16:15
Updated : 2024-02-28 17:28
NVD link : CVE-2018-5732
Mitre link : CVE-2018-5732
CVE.ORG link : CVE-2018-5732
JSON object : View
Products Affected
isc
- dhcp
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer